18.6. Programming with Python

Problem

You want to programmatically access Active Directory using Python.

Solution

As with Perl, you have two options for programming Active Directory with Python: the native LDAP-based approach, and a COM interface, which allows you to use ADSI. The LDAP module can be downloaded from http://python-ldap.sourceforge.net/. The COM interface is part of the standard ActivePython install available from ActiveState (http://www.activestate.com/ActivePython/).

The following Python code sample prints out the RootDSE of DC1 using the LDAP interface:

import ldap

try:
   l = ldap.open("dc1")
except ldap.LDAPError, e:
   print e

baseDN = ""
searchScope = ldap.SCOPE_BASE
retrieveAttributes = None 
searchFilter = "objectclass=*"

try:
   ldap_result_id = l.search(baseDN, searchScope, searchFilter, 
                             retrieveAttributes)
   result_type, result_data = l.result(ldap_result_id, 0)
   if result_type == ldap.RES_SEARCH_ENTRY:
      print result_data

except ldap.LDAPError, e:
   print e

This next code sample uses the win32com.client module to access the RootDSE with ADSI:

import win32com.client

objRootDSE = win32com.client.GetObject('LDAP://RootDSE')
objRootDSE.GetInfo( )

for i in range( 0, objRootDSE.PropertyCount - 1):
   prop = objRootDSE.Item(i)
   print prop.Name
   for val in prop.Values:
      print "  ",val.CaseIgnoreString

Discussion

More information is available on Python by going to the Python home page: http://www.python.org/.

Get Active Directory Cookbook now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.